1. Technical Field
The present invention relates in general to the field of data processing systems. More particularly, the present invention relates to the field of securing data processing systems. Still more particularly, the present invention relates to a system and method for utilizing audit information for challenge/response during a password reset process.
2. Description of the Related Art
Today, many sources of vital information such as bank, e-mail, and on-line bill pay accounts rely on a user entering a username and password to gain access to the accounts. If a user of these types of accounts forget his or her password, it is common to verify the identity of the user utilizing some kind of predetermined challenge/response pair. For example, during account creation, the user may be required to submit and answer to a security question (e.g., mother's maiden name, first pet's name, elementary school name, favorite food, etc.). Utilizing a security question to verify user identity requires users to set up the information in advance, and relies on information an unauthorized user may obtain from other sources.
Therefore, there is a need for a system and method for addressing the aforementioned limitations of the prior art.